ESessions Reconsidered

by Peter Saint-Andre

2005-07-07

I have yet again been investigating end-to-end encryption technologies for XMPP. As we recall, there are three documented approaches:

  1. JEP-0027 (OpenPGP signing of presence and encryption of the message <body/> character data)
  2. RFC 3923 (S/MIME-based signing and encryption of CPIM message bodies and PIDF presence documents)
  3. JEP-0116 (an SSH-like protocol for secure communication sessions between XMPP entities)

I've also heard rumblings from people who want to use XML Signature for end-to-end encryption of XMPP stanzas, but I have yet to see a formal proposal (only informal documentation). And of course there is the OTR (off-the-record messaging) approach, for which there is a Gaim plugin.

Without discussing the relative merits of these approaches in depth right now, I'd like to share the results of some research I've been doing with regard to JEP-0116 (Encrypted Sessions or ESessions). That protocol was defined by Dave Smith (I was simply the scribe in writing the JEP) and he has retracted the JEP from consideration. However, the more I read, the more I see that ESessions is essentially a translation of secure shell (SSH) semantics into XMPP syntax. While JEP-0116 could be better written in order to bring out its SSH-ness and to properly document the protocol (blame the scribe), I like the fact that it re-uses the semantics of a protocol that has undergone wide deployment and strong cross-area review within the IETF (in fact, I would hazard to say that ssh is one of the most successful security technologies on the Internet).

At this point I would like to take a stab at re-writing JEP-0116 to properly and completely document the ESessions protocol. This will give us a basis for comparing ESessions against the OpenPGP, S/MIME, and OTR approaches. In fact I'm about half done with the task, and I hope to finish it soon once I'm done grokking the SSH architecture and transport specs (approved by the IESG but not yet published as RFCs) as well as related specifications such as RFCs 3526 and 2409. In particular, I'm curious to see how ESessions differs from OTR, since both seem to inherit from the SSH model.

Stay tuned!

